Capture screenshots of web pages that use Basic Authentication

To avoid issues with the URL both the username and password should be URL encoded.

To capture a web page, which is protected by basic authentication you need to pass the required username and password via the URL. This method of encoding user information to use with the basic authentication protocol is part of the RFC3986 URL standard.

The required URL format is shown below simply replace [username] and [password] with the username and password used in the basic authentication.

http://[username]:[password]@example.com/index.html

Once you have created a URL which contains your required basic authentication credentials it can then be used in our API or Screenshot Tool.

Security

Of course whenever usernames and passwords are stored it raises security concerns. To mitigate this we only store the username and password in the URL until the screenshot is taken at which point it is removed from the URL. Usually this means a username and password will be stored for less than thirty seconds.

Another way of increasing security, if your use case allows it, is to create a username and password just for GrabzIt to use. Then you can easily block all further access if desired without affecting other users.

Additionally we also support taking screenshots of webpages that are behind a session based login.